.TH BLACKHOLE6 1
.SH NAME
blackhole6 \- A tool to find IPv6 blackholes
.SH SYNOPSIS
.B blackhole6
.RB DESTINATION\| 
.IR [PARAMETERS \|]

.SH DESCRIPTION
.B blackhole6
is a tool to isolate IPv6 blackholes.

\fBSCRIPTS\fR




\fBget\-mx\fR

This script takes no further arguments, and operates as follows:

.sp
.RS 4
.nf
\+ The tool reads domain names from standard-input (oner per line),
\  and obtains the MX for the corresponding domain.

\+ Lines where the first non-blank character is the numeral sign (#)
\  are consdered to contain comments, and hence are ignored.

\+ The format of the resulting output is:
.fi
.RE

.sp
.RS 4
.nf
  # DOMAIN_NAME (CANONIC_NAME)
  MX_RECORD_1
  MX_RECORD_2
.fi
.RE

\fBget\-ns\fR

This script takes no further arguments, and operates as follows:

.sp
.RS 4
.nf
\+ The tool reads domain names from standard-input (oner per line),
\  and obtains the NS records for the corresponding domain.

\+ Lines where the first non-blank character is the numeral sign (#)
\  are consdered to contain comments, and hence are ignored.

\+ The format of the resulting output is:
.fi
.RE

.sp
.RS 4
.nf
  # DOMAIN_NAME (CANONIC_NAME)
  MX_RECORD_1
  MX_RECORD_2
.fi
.RE

\fBtrace-do8-tcp\fR
\fBtrace-do8-icmp\fR
\fBtrace-do256-tcp\fR
\fBtrace-do256-icmp\fR

These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Destination Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops.


\fBtrace-hbh8-tcp\fR
\fBtrace-hbh8-icmp\fR
\fBtrace-hbh256-tcp\fR
\fBtrace-hbh256-icmp\fR

These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Hop-by-Hop Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops.


\fBtrace-fh256-tcp\fR
\fBtrace-fh256-icmp\fR

These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads resulting in IPv6 fragments of around 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops.


\fBtrace-do8-tcp-stdin\fR
\fBtrace-do8-icmp-stdin\fR
\fBtrace-do256-tcp-stdin\fR
\fBtrace-do256-icmp-stdin\fR

These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Destination Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. These tools read one IPv6 address per line form standard input and, for each of those addresses, information is printed with the following syntax:



\fBtrace-hbh8-tcp-stdin\fR
\fBtrace-hbh8-icmp-stdin\fR
\fBtrace-hbh256-tcp-stdin\fR
\fBtrace-hbh256-icmp-stdin\fR

These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Hop-by-Hop Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. These tools read one IPv6 address per line form standard input and, for each of those addresses, information is printed with the following syntax:



\fBtrace-fh256-tcp-stdin\fR
\fBtrace-fh256-icmp-stdin\fR

These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads resulting in IPv6 fragments of around 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. These tools read one IPv6 address per line form standard input and, for each of those addresses, information is printed with the following syntax:



.TP
.BR \-h\| ,\  \-\-help

Print help information for the 
.B scan6
tool. 

.SH EXAMPLES

The following sections illustrate typical use cases of the
.B script6
tool.

\fBExample #1\fR

# scan6 \-i eth0 \-L \-e \-v

Perform host scanning on the local network ("\-L" option) using interface "eth0" ("\-i" option). Use both ICMPv6 echo requests and unrecognized IPv6 options of type 10xxxxxx (default). Print link-link layer addresses along with IPv6 addresses ("\-e" option). Be verbose ("\-v" option).


\fBExample #2\fR

# scan6 \-d 2001:db8::/64 \-\-tgt\-virtual\-machines all \-\-ipv4\-host 10.10.10.0/24

Scan for virtual machines (both VirtualBox and vmware) in the prefix 2001:db8::/64. The additional information about the IPv4 prefix employed by the host system is leveraged to reduce the search space.

\fBExample #3\fR

# scan6 \-d 2001:db8::/64 \-\-tgt\-ipv4\-embedded ipv4\-32 \-\-ipv4\-host 10.10.10.0/24

Scan for IPv6 addresses of the network 2001:db8::/64 that embed the IPv4 prefix 10.10.10.0/24 (with the 32-bit encoding).

\fBExample #4\fR

# scan6 \-d 2001:db8:0\-500:0\-1000

Scan for IPv6 addresses of the network 2001:db8::/64, varying the two lowest order 16\-bit words of the addresses in the range 0\-500 and 0\-1000, respectively.

\fBExample #5\fR

# scan6 \-d fc00::/64 \-\-tgt\-vendor 'Dell Inc' \-p tcp

Scan for network devices manufactured by 'Dell Inc' in the target prefix fc00::/64. The tool will employ TCP segments as the probe packets (rather than the default ICMPv6 echo requests).

\fBExample #6\fR

# scan6 \-i eth0 \-L \-S 66:55:44:33:22:11 \-p unrec \-P global \-v

Use the "eth0" interface ("\-i" option) to perform host-scanning on the local network ("\-L" option). The Ethernet Source Address is set to "66:55:44:33:22:11" ("\-S" option). The probe packets will be IPv6 packets with unrecognized options of type 10xxxxxx ("\-p" option). The tool will only print IPv6 global addresses ("\-P" option). The tool will be verbose.

\fBExample #7\fR

# scan6 \-d 2001:db8::/64 \-w KNOWN_IIDS

Perform an address scan of a set of known hosts listed in the file KNOWN_IIDS, at remote network 2001:db8::/64. The target addresses are obtaining by concatenating the network prefix 2001:db8::/64 with the interface IDs of each of the addresses fund in the file KNOWN_IIDS.

\fBExample #8\fR

# scan6 \-i eth0 \-L \-P global \-\-print\-unique \-e

Use the "eth0" interface ("\-i" option) to perform host-scanning on the local network ("\-L" option). Print only global unicast addresses ("\-P" option), and at most one IPv6 address per Ethernet address ("\-\-print\-unique" option). Ethernet addresses will be printed along with the corresponiding IPv6 address ("\-e" option).

\fBExample #9\fR

# scan6 \-m knownprefixes.txt \-w knowniids.txt \-l \-z 60 \-t \-v

Build the list of targets from the IPv6 prefixes contained in the file 'knownprefixes.txt' and the Interface IDs (IIDs) contained in the file 'knowniids.txt'. Poll the targets periodically ("\-l" option), and sleep 60 seconds after each iteration ("\-z" option). Print a timestamp along the IPv6 address of each alive node ("\-t" option). Be verbose ("\-v" option).




.SH AUTHOR
The
.B script6
tool and the corresponding manual pages were produced by Fernando Gont 
.I <fgont@si6networks.com>
for SI6 Networks 
.IR <http://www.si6networks.com> .

.SH COPYRIGHT
Copyright (c) 2014\-2015 Fernando Gont.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts.  A copy of the license is available at
.IR <http://www.gnu.org/licenses/fdl.html> .
